Off topic a bit, but I often hear people wanting to use AWS so they have someone with big pockets to sue. I always wonder why they think AWS won’t use their money on lawyers, private eyes, and never pay at all.

I don’t think the problem is MSPs as a whole, I think it’s cheap execs who go with the lowest bidder and the cheap MSPs who take their money to do almost nothing.

I worked for an MSP a few years ago. We used a monitoring tool, and on of our co-managed clients (a regional healthcare provider) used the same monitoring tool. When a major vulnerability in that monitoring tool was exploited, our client’s instance was hacked, and ours was not. As a good MSP we knew how to properly configure and secure the tool, while their in-house IT just installed the tool and moved on to the next thing.

TL;DR: Shitty IT people will be shitty IT people. I’ve cleaned up after a lot of incompetent internal IT departments, and an equal number of incompetent MSPs.